From unknown Mon Jun 23 16:46:59 2025 X-Loop: help-debbugs@gnu.org Subject: bug#19827: sed 4.2.2 hangs when passed specially crafted program Resent-From: Alexander Nasonov Original-Sender: "Debbugs-submit" Resent-CC: bug-sed@gnu.org Resent-Date: Tue, 10 Feb 2015 08:41:03 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 19827 X-GNU-PR-Package: sed X-GNU-PR-Keywords: To: 19827@debbugs.gnu.org X-Debbugs-Original-To: bug-sed@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.14235576083619 (code B ref -1); Tue, 10 Feb 2015 08:41:03 +0000 Received: (at submit) by debbugs.gnu.org; 10 Feb 2015 08:40:08 +0000 Received: from localhost ([127.0.0.1]:38871 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YL6MY-0000wI-TS for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:40:08 -0500 Received: from eggs.gnu.org ([208.118.235.92]:42439) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YL5wk-0000Ga-Bf for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:13:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YL5we-0002rJ-3c for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:13:20 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:46082) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YL5we-0002rF-0H for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:13:20 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44156) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YL5wd-0001tI-3G for bug-sed@gnu.org; Tue, 10 Feb 2015 03:13:19 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YL5wY-0002qj-4u for bug-sed@gnu.org; Tue, 10 Feb 2015 03:13:19 -0500 Received: from forward10l.mail.yandex.net ([84.201.143.143]:57986) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YL5wX-0002qY-Qb for bug-sed@gnu.org; Tue, 10 Feb 2015 03:13:14 -0500 Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [37.140.190.29]) by forward10l.mail.yandex.net (Yandex) with ESMTP id 40587BA155B for ; Tue, 10 Feb 2015 11:13:11 +0300 (MSK) Received: from smtp4o.mail.yandex.net (localhost [127.0.0.1]) by smtp4o.mail.yandex.net (Yandex) with ESMTP id A73152322F9E for ; Tue, 10 Feb 2015 11:13:10 +0300 (MSK) Received: from chomsky.torservers.net (chomsky.torservers.net [77.247.181.162]) by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id cWdED2Ybqt-D9PGkCSM; Tue, 10 Feb 2015 11:13:09 +0300 (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1423555990; bh=rcu87beA3VsMiCP28yXDNveGpGJ2zpmnR0WQljenoo8=; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type: Content-Disposition:User-Agent; b=QfPXVbO2yc/5SoLja6XkTlxfqMBmcWumWg83JyPLBu+f4TaxRbH3Ym7KNzjg+jCUM XdzKTcuF7TLpVkjntZuwCNe7sTBLnXMCJyJNeT2Z0njIYt4NqxygYC3fpAZLIghYpn gM31H53DqDSWyZBUccviz62VZN8cCcOoDnUJbKHU= Authentication-Results: smtp4o.mail.yandex.net; dkim=pass header.i=@yandex.ru Date: Tue, 10 Feb 2015 08:18:27 +0000 From: Alexander Nasonov Message-ID: <20150210081827.GA7550@neva> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -4.0 (----) X-Mailman-Approved-At: Tue, 10 Feb 2015 03:40:05 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) This was found by the afl fuzzer http://lcamtuf.coredump.cx/afl/ $ echo | gsed -f afl-out/crashes/id*03,* ^C $ cat afl-out/crashes/id*03,* $G $D $ hexdump -C afl-out/crashes/id*03,* 00000000 24 47 0a 24 44 0a 0a 0a |$G.$D...| 00000008 or echo | gsed -e '$G > $D > > > ' ^C I ran the fuzzer and the test on NetBSD amd64 7.99.x. Alex From unknown Mon Jun 23 16:46:59 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.503 (Entity 5.503) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Alexander Nasonov Subject: bug#19827: closed (Re: sed 4.2.2 hangs when passed specially crafted program) Message-ID: References: <20150210081827.GA7550@neva> X-Gnu-PR-Message: they-closed 19827 X-Gnu-PR-Package: sed Reply-To: 19827@debbugs.gnu.org Date: Mon, 04 May 2015 04:59:03 +0000 Content-Type: multipart/mixed; boundary="----------=_1430715543-6202-1" This is a multi-part message in MIME format... ------------=_1430715543-6202-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #19827: sed 4.2.2 hangs when passed specially crafted program which was filed against the sed package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 19827@debbugs.gnu.org. --=20 19827: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D19827 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1430715543-6202-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 19827-done) by debbugs.gnu.org; 4 May 2015 04:58:22 +0000 Received: from localhost ([127.0.0.1]:32959 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Yp8SU-0001bB-5M for submit@debbugs.gnu.org; Mon, 04 May 2015 00:58:22 -0400 Received: from mail-ig0-f178.google.com ([209.85.213.178]:34665) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Yp8SS-0001aw-ER for 19827-done@debbugs.gnu.org; Mon, 04 May 2015 00:58:20 -0400 Received: by iget9 with SMTP id t9so59978601ige.1 for <19827-done@debbugs.gnu.org>; Sun, 03 May 2015 21:58:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to:content-type; bh=NJDVryXEIj09mnCSqcXTz2ZC9ord4VYGrBejXBslGv0=; b=R50sfnTGfoXZjXGjGFT6qoyDOXk3dMbSRQjhTDHtu1Te6WHe4vDM/enD5vGsoVFMRy IRR+PdonV9IIquM9mu39N7TNq0qeLhKCaTRVi+/NGSFsufh+CZAEI/de0qK6WUDEgdm7 Y+w4WdvbvlTKfrTWiiePJdwwOeuJq9LsKfKN1srsH1WAKe5nP5p9yoNXW6O1AFv2uMBQ 6N/p60qUoOPHISTjxAYOSA2GdOORCx5KudO23Sjwp4UnF5qSw0ZELvoOFy5C3JYyVpcP /TtQ5cT/m1+Fd33TWjPitnN5O+vST6O0e1HC/d17Y25lV+117JpC8KMc+FYy+lVoOnRm CrEA== X-Received: by 10.50.50.148 with SMTP id c20mr10965234igo.0.1430715494636; Sun, 03 May 2015 21:58:14 -0700 (PDT) MIME-Version: 1.0 Received: by 10.64.62.229 with HTTP; Sun, 3 May 2015 21:57:54 -0700 (PDT) From: Jim Meyering Date: Sun, 3 May 2015 21:57:54 -0700 X-Google-Sender-Auth: eOXSNlO-qklZ-oMl5CaP490ToKg Message-ID: Subject: Re: sed 4.2.2 hangs when passed specially crafted program To: 19827-done@debbugs.gnu.org, Alexander Nasonov Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 19827-done X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) tags 19827 notabug thanks I've just noticed that there are some bug reports that have never reached my inbox. The first one I've examined is https://debbugs.gnu.org/19827, which reports that you used the afl fuzzer http://lcamtuf.coredump.cx/afl/ to find that this command never terminates: echo | sed/sed 'G;D' However, that is a legitimate program, and with that input, it happens to specify an endless loop. Thus, I'm marking this as "notabug" and closing the issue. However, you are welcome to make further comments. Thank you for helping to test GNU sed! I'm planning to release sed-3.4 soon, so if you have more time for testing (using the latest from git), it'd be great to see how we're doing. ------------=_1430715543-6202-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 10 Feb 2015 08:40:08 +0000 Received: from localhost ([127.0.0.1]:38871 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YL6MY-0000wI-TS for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:40:08 -0500 Received: from eggs.gnu.org ([208.118.235.92]:42439) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YL5wk-0000Ga-Bf for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:13:27 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YL5we-0002rJ-3c for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:13:20 -0500 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,FREEMAIL_FROM, T_DKIM_INVALID autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([208.118.235.17]:46082) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YL5we-0002rF-0H for submit@debbugs.gnu.org; Tue, 10 Feb 2015 03:13:20 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:44156) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YL5wd-0001tI-3G for bug-sed@gnu.org; Tue, 10 Feb 2015 03:13:19 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YL5wY-0002qj-4u for bug-sed@gnu.org; Tue, 10 Feb 2015 03:13:19 -0500 Received: from forward10l.mail.yandex.net ([84.201.143.143]:57986) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YL5wX-0002qY-Qb for bug-sed@gnu.org; Tue, 10 Feb 2015 03:13:14 -0500 Received: from smtp4o.mail.yandex.net (smtp4o.mail.yandex.net [37.140.190.29]) by forward10l.mail.yandex.net (Yandex) with ESMTP id 40587BA155B for ; Tue, 10 Feb 2015 11:13:11 +0300 (MSK) Received: from smtp4o.mail.yandex.net (localhost [127.0.0.1]) by smtp4o.mail.yandex.net (Yandex) with ESMTP id A73152322F9E for ; Tue, 10 Feb 2015 11:13:10 +0300 (MSK) Received: from chomsky.torservers.net (chomsky.torservers.net [77.247.181.162]) by smtp4o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id cWdED2Ybqt-D9PGkCSM; Tue, 10 Feb 2015 11:13:09 +0300 (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (Client certificate not present) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1423555990; bh=rcu87beA3VsMiCP28yXDNveGpGJ2zpmnR0WQljenoo8=; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type: Content-Disposition:User-Agent; b=QfPXVbO2yc/5SoLja6XkTlxfqMBmcWumWg83JyPLBu+f4TaxRbH3Ym7KNzjg+jCUM XdzKTcuF7TLpVkjntZuwCNe7sTBLnXMCJyJNeT2Z0njIYt4NqxygYC3fpAZLIghYpn gM31H53DqDSWyZBUccviz62VZN8cCcOoDnUJbKHU= Authentication-Results: smtp4o.mail.yandex.net; dkim=pass header.i=@yandex.ru Date: Tue, 10 Feb 2015 08:18:27 +0000 From: Alexander Nasonov To: bug-sed@gnu.org Subject: sed 4.2.2 hangs when passed specially crafted program Message-ID: <20150210081827.GA7550@neva> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.23 (2014-03-12) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 208.118.235.17 X-Spam-Score: -4.0 (----) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Tue, 10 Feb 2015 03:40:05 -0500 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -4.0 (----) This was found by the afl fuzzer http://lcamtuf.coredump.cx/afl/ $ echo | gsed -f afl-out/crashes/id*03,* ^C $ cat afl-out/crashes/id*03,* $G $D $ hexdump -C afl-out/crashes/id*03,* 00000000 24 47 0a 24 44 0a 0a 0a |$G.$D...| 00000008 or echo | gsed -e '$G > $D > > > ' ^C I ran the fuzzer and the test on NetBSD amd64 7.99.x. Alex ------------=_1430715543-6202-1--